Tired of attending endless seminars listening to people pontificating about the problem, but never suggesting a solution?
The GDPR deadline is the 25th May 2018, and still a number of companies are yet to start the process to become compliant. But does this mean that it is too late? No. Becoming compliant of this law, like any other law, is an evolving discipline. The Information Commissioner’s Office (effectively the police of the law) has informed the country that you must be seen to start their process of compliance as a minimum by the deadline. But what is the process?
Generally speaking, companies will not suggest a solution, this is mainly because they don’t want to put their reputation at risk. This is all very well, but in the meantime, hundreds of companies are left stranded looking to the ‘experts’ for help, and it becomes increasingly frustrating for them with every passing day, not getting any closer to compliance. There have been several seminars on GDPR over the last year, and most of them have been very informative. However, on review, what have they informed us about? So far, we’ve been given fantastic explanations of what GDPR is, when it comes into effect, and why you should pay attention to it. Has anyone ever told you what you need to do about it though? More importantly, have they told you how to do it?
Although it doesn’t seem like it, there are solutions to this problem. Clark IT have created a solution that has a proven track record of success. We’re working with several companies, of all shapes and sizes to ensure compliance is met with each. Our track record in this service spans from Micro-Businesses with less than 5 employees, to Global Organisations.
We are a trusted partner of the Scottish Business Resilience Centre (SBRC) and have advised organisations such as Scottish Enterprise. Our Managing Director, has been asked to sit on multiple panels as a thought leader on the new law, including one at IT Nation Europe, alongside the Information Commissioners Office.
So how do we do it? For starters, we’re not alone in the fight. We work in collaboration with companies with the correct skills to ensure that we cover all basis. We don’t believe this service can be delivered as a whole by one organisation. It requires a multitude of expertise, including legal, HR, I.T., training and more. We have taken the time to build strategic relationships with the right partners to provide such expertise, and thus provide a ‘whole product’ that will allow you to gain compliance from one point of contact.
What does our solution achieve?
Firstly, it will achieve compliance to the full extent of the GDPR law as it stands now. This law will inevitably change and adapt as it progresses, and case law is introduced. However, we will work with you to adapt alongside it and ensure you remain as compliant as possible as society move forward.
Clark IT are also one of very few Certifying Bodies for the UK Governments ‘CyberEssentials Scheme’. This is currently the only UK Government sponsored certification for Cyber Security. Although this is our recommended pathway to help you with your compliance, other alternatives may also provide value, such as; ISO27001 and EU GDPR Seal.
The CyberEssentials scheme is designed to give organisations a realistic and attainable framework for compliance, which lacks the timescales and the cost of the 2 accreditations above. Having this certification in your organisation will take care of the ‘technical measures’ that are required by the new GDPR law. Clark IT guarantee a pass for this scheme.
Setting aside the technical measures, the GDPR is mainly surrounding business process and policy, and to ensure you handle personal data in the correct manner. With that in mind, we, with the help of our strategic partners, are able to provide all services that are required for this function, such as the implantation of – Business Process and Policy Templates; Outsourced Data Protection Officer Service; Process Mapping; Consultancy and 3rd Party Advice.
It is of vital importance that it is understood that the deadline for the new law is not the end of the road. Once GDPR comes into effect, companies must continually comply going forward. Clark IT have set in motion continual compliance efforts with several companies already, and look to do so with all companies that go through our process. This ensures that the standards of the law does not diminish within your company, and the processes set in place are continually followed by every employee.
The clock is ticking. With the deadline of the 25th May coming in fast, the time for simply talking about the problem is over. Companies need to commit to a strategy to become compliant, instead of adopting the ‘wait and see’ approach. Action will need to be taken before the deadline, or companies will be seen to be breaking the law.
There are a few solutions available to you, but you will need to find the one that is right for you. Clark ITs’ solution provides a solid basis for GDPR Compliance, due to our collaborative efforts with our strategic partners.
If you have been struggling with the implantation of the new law, or simply do not know where to begin, please give us a call and we will be happy to help in any way we can.
